Cisco Virtual Office: High Availability Design Guide

Design Guide
May, 2012

© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.

Contents

DMVPN Redundancy
Dual (or multiple) hubs, single cloud
Public Key Infrastructure High Availability
ManageExpress Virtual Office (MEVO) High Availability

DMVPN Redundancy

Dual (or multiple) hubs, single cloud

Use this model if all your spokes will use the same hub as primary. This model applies whether the hubs are colocated in the same data center or in different, geographically separated, data centers.

Each spoke will have one multipoint Generic Routing Encapsulation (mGRE) tunnel interface (DMVPN cloud) configured with two next-hop servers, and will have simultaneous active connections to both hubs. The routing metrics on the hub routers can be used to specify which hub is primary (lower metric) and which hub is secondary.

Sample spoke tunnel configuration:

interface Tunnel1
 description Spoke Tunnel
 ip address 10.1.1.3 255.255.255.0
 ip hello-interval eigrp 99 30
 ip nhrp map multicast 192.168.1.1
 ip nhrp map multicast 192.168.1.2
 ip nhrp map 10.1.1.1 192.168.1.1
 ip nhrp map 10.1.1.2 192.168.1.2
 ip nhrp network-id 123
 ip nhrp holdtime 300
 ip nhrp nhs 10.1.1.1
 ip nhrp nhs 10.1.1.2
 ip nhrp registration no-unique
 ip nhrp shortcut
 load-interval 30
 delay 2000
 tunnel source FastEthernet4
 tunnel key 123
 tunnel protection ipsec profile protect

Sample hub tunnel configuration

Primary Hub:

interface Tunnel1
 ip address 10.1.1.1 255.255.255.0
 ip hello-interval eigrp 99 30
 no ip split-horizon eigrp 99
 ip pim dr-priority 10
 ip pim nbma-mode
 ip pim sparse-dense-mode
 ip nhrp map multicast dynamic
 ip nhrp network-id 123
 ip nhrp redirect
 delay 1900
 qos pre-classify
 tunnel source Loopback1
 tunnel key 123
 tunnel protection ipsec profile protect shared

Secondary Hub:

interface Tunnel1
 ip address 10.1.1.2 255.255.255.0
 ip hello-interval eigrp 99 30
 no ip split-horizon eigrp 99
 ip pim dr-priority 10
 ip pim nbma-mode
 ip pim sparse-dense-mode
 ip nhrp map multicast dynamic
 ip nhrp network-id 123
 ip nhrp redirect
 delay 2000
 qos pre-classify
 tunnel source Loopback1
 tunnel key 123
 tunnel protection ipsec profile protect shared

Dual (or multiple) hubs, dual clouds

Use this model if you have geographically dispersed spokes and you want each region to connect to a different primary DMVPN hub. The use case can be described in the diagram provided below.

Each spoke will have simultaneous active connections to both clouds, and each hub will belong to only one cloud. For the East Coast spoke, the East Coast cloud will act as primary, and the West Coast cloud will provide failover, and vice versa for the West Coast spoke.

Each cloud will:

- Represent one tunnel interface configuration on the spoke
- Have a separate tunnel IP address
- Use a different metric for its tunnel interface

The primary and failover clouds are selected by using the tunnel metric. For the primary, the metric will be set to a lower value than for the cloud that is further away.

Sample spoke tunnel configurations using Enhanced Interior Gateway Routing Protocol (EIGRP):

interface Tunnel0
 description Primary Tunnel
 ip address 10.1.1.3 255.255.255.0
 ip hello-interval eigrp 99 30
 ip nhrp map multicast 192.168.1.1
 ip nhrp map 10.1.1.1 192.168.1.1
 ip nhrp network-id 123
 ip nhrp holdtime 300
 ip nhrp nhs 10.1.1.1
 ip nhrp registration no-unique
 ip nhrp shortcut
 load-interval 30
 delay 1900
 tunnel source FastEthernet4
 tunnel key 123
 tunnel protection ipsec profile protect shared

interface Tunnel1
 description Secondary Tunnel
 ip address 10.50.50.3 255.255.255.0
 ip hello-interval eigrp 99 30
 ip nhrp map multicast 172.16.1.1
 ip nhrp map 10.50.50.1 172.16.1.1
 ip nhrp network-id 567
 ip nhrp holdtime 300
 ip nhrp nhs 10.50.50.1
 ip nhrp registration no-unique
 ip nhrp shortcut
 load-interval 30
 delay 2000
 tunnel source FastEthernet4
 tunnel key 567
 tunnel protection ipsec profile protect shared

Note: If asymmetric routing between the West Coast spokes and East Coast spokes (shown in the figure above) should be avoided, make sure that the sum of the metrics on the link between the hubs and the link between each regional hub and its corresponding spokes is less than the metric on the link between the hub in one region and the spokes in the other region. Looking at the figure below, make sure that X + Y < Z.

Public Key Infrastructure High Availability

When using a Cisco IOS Certificate Authority (CA) in Cisco Virtual Office, high availability can be achieved using the Public Key Infrastructure (PKI)-HA feature. Please refer to the following guide for more details on PKI-HA. The Secure Device Provisioning (SDP) registrar should be provisioned on both the primary and backup CAs:

http://www.cisco.com/en/us/prod/collateral/iosswrel/ps6537/ps6586/ps6638/ps6664/configuration_guide c07_62 1400.html

ManageExpress Virtual Office (MEVO) High Availability

MEVO doesn't sit in the data/critical path in Cisco Virtual Office. If the MEVO server goes down, the spokes that are already online will not be affected. The only functions affected will be the addition of new spokes, and configuration and image changes.

With that in mind, it is enough to back up the MEVO database and restore it in case the server goes down, as shown in this document (use your Arcana Networks download credentials to download the file): http://downloads.arcananet.com/files/docs/me-backupprocedure.pdf. A MEVO backup can be done while the service is running, without causing any outage.

In the case where a MEVO active/active HA is still desired, here are deployment options you can use:

- VMware vMotion
- Microsoft SQL merge replication (log shipping is also supported for an active/standby model)
- Windows DFS for template and configuration file replication
- Windows NLB for providing a single virtual IP address

Content switches and clustered SQL servers are also supported. The SQL cluster can be shared or dedicated.

Preferred OS: Windows 2008R2
Preferred database: Microsoft SQL 2008R2

Printed in USA C07-708674-00 06/12